Connect with us


Your Phone’s SIM Card Isn’t Completely Safe From Hackers, Karsten Nohl Says





Just a few blogs ago, we shared with you Karsten Nohl’s latest exposition that credit cards aren’t entirely safe as we think they are. According to him and Fabian Braunlein, his partner, hackers can easily run away with your money by stealing your personal information and even duplicating your credit card.

We got pretty fascinated with this guy’s keen knowledge about security-related matters. So we dug deeper on his other studies and we found another interesting one.

In a post published by RT, this German code breaker revealed majority of the SIM card designs used across the world are actually vulnerable to hackers.

Karsten Nohl, an ‘ethical hacker’ managed to easily hack into a ‘secure’ SIM card.

karsten-nohl-sim-card-hack 2

Photo credit: Digi.No

Nohl said:

“SIM cards were the last widely-used [piece of] technology left that no one had broken yet.”

He, however, works as an ‘ethical hacker’ and so he did his best to hack his way into the security system. His purpose? To present his findings to the companies so they can fix the flaws.

UN’s International Telecommunications Union were pretty convinced with the evidence he came up with, calling it a “significant” finding that should serve as a warning for mobile phone operators.

Nohl managed to acquire total control of an individual’s phone just by discovering a SIM card’s unique encryption key. So yes, Nohl just proved that the plastic circuit board on your SIM isn’t really that reliable.

Once hackers discover this flaw, they can steal confidential information from mobile phone users.

karsten-nohl-sim-card-hack 1

Photo credit: PhoneWorld

Nohl added:

“The worst case scenario that I could foresee is criminals acquiring enough information to hack a few million cards in the country. The main short term threat after criminals finally acquire this attack method is fraud. They will abuse the cards to send premium SMS, for instance. They can also steal banking tokens from them in countries where that is used.”

So what’s the best solution for this programming flaw?

Nohl only commented:

“The best bet currently is to wait for the network to implement countermeasures before the abuse starts and should abuse happen in your network, ask for a new SIM card.”

Consider us a bit alarmed.



View Comments